Hi, Kai Schaetzl wrote:
I don't know what's going on - it seems that testsaslauthd doesn't lookup the user 'testomat' in /etc/sasldb2
Should it really do that with auth-mech=shadow?
oh, I forgot to mention - of course I already tried that one: saslauthd -d -a pam -O /usr/lib64/sasl2/smtpd.conf -r -l
Without success.
Regards Michael
Michael Kress wrote on Wed, 26 Aug 2009 11:13:34 +0200 (CEST):
oh, I forgot to mention - of course I already tried that one: saslauthd -d -a pam -O /usr/lib64/sasl2/smtpd.conf -r -l
I may be wrong, but I would think that this still won't work. If you use pam or shadow saslauth should use system users and not check the sasldb.
We are using Dovecot for POP/IMAP and so I use it for SASL authentication since CentOS 5 as well. That has worked out-of-the-box since I first tried it. I see you want to use Cyrus. I've no experience with saslauthd and postfix, I used to use it only with sendmail and I remember that we had tiny problems to get it running with about every second setup back then. If it doesn't matter which POP/IMAP server you use I would recommend going with Dovecot.
Kai
Michael Kress wrote on Wed, 26 Aug 2009 14:07:44 +0200 (CEST):
The purpose for using /etc/sasldb2 is to use SMTP AUTH.
I know (that's always the purpose), but it wasn't clear if you *have* to use the sasldb2. As I said you can't use authentication schemes against system accounts if you want to authenticate against other dbs. I think Alexander gave you the correct instructions for that.
Kai
Michael Kress wrote on Wed, 26 Aug 2009 14:07:44 +0200 (CEST):
The purpose for using /etc/sasldb2 is to use SMTP AUTH.
I know (that's always the purpose), but it wasn't clear if you *have* to use the sasldb2. As I said you can't use authentication schemes against system accounts if you want to authenticate against other dbs. I think Alexander gave you the correct instructions for that.
Kai
On Wed, 2009-08-26 at 14:07 +0200, Michael Kress wrote:
Kai Schaetzl schrieb:
If it doesn't matter which POP/IMAP server you use I would recommend going with Dovecot.
The purpose for using /etc/sasldb2 is to use SMTP AUTH. (See my other posting).
Dovecot can be used for incoming SMTP AUTH with postfix. It does not support outgoing SMTP auth (client side), but you don't need that for a server. It is much easier to setup than Cyrus and in the two days since I installed it, seems to be quite reliable. Whether you will be able to migrate your existing database will depend on what format it is in and which authentication mechanisms you want to support.
See: http://www.postfix.org/SASL_README.html
http://wiki.dovecot.org/Authentication discusses the various formats of the dovecot password database and the types of authentication supported by each.
Nataraj
Regards Michael _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Kai Schaetzl -
Michael Kress -
Nataraj